summary refs log tree commit diff stats
path: root/results/classifier/118/none/1843941
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/118/none/1843941')
-rw-r--r--results/classifier/118/none/184394145
1 files changed, 45 insertions, 0 deletions
diff --git a/results/classifier/118/none/1843941 b/results/classifier/118/none/1843941
new file mode 100644
index 00000000..e442f265
--- /dev/null
+++ b/results/classifier/118/none/1843941
@@ -0,0 +1,45 @@
+semantic: 0.708
+device: 0.667
+graphic: 0.607
+network: 0.594
+hypervisor: 0.588
+mistranslation: 0.550
+register: 0.476
+ppc: 0.471
+permissions: 0.454
+socket: 0.453
+user-level: 0.451
+vnc: 0.416
+architecture: 0.410
+kernel: 0.408
+PID: 0.394
+virtual: 0.390
+boot: 0.364
+risc-v: 0.343
+files: 0.316
+debug: 0.316
+VMM: 0.315
+TCG: 0.314
+i386: 0.291
+arm: 0.263
+performance: 0.213
+x86: 0.202
+assembly: 0.195
+peripherals: 0.142
+KVM: 0.123
+
+RBD Namespaces are not supported
+
+Ceph Nautilus (v14.2.0) introduced the Namespaces concept for RADOS Block Devices. This provides a logical separation within a RADOS Pool for RBD images which enables granular access control. See https://docs.ceph.com/docs/nautilus/releases/nautilus/ for additional details.
+
+librados and librbd support this, however qemu does not. The rbd man page defines how rbd images within a namespace can be referenced. https://docs.ceph.com/docs/nautilus/man/8/rbd/#image-snap-group-and-journal-specs
+
+Adding support for RBD namespaces would be beneficial for security and reducing the impact of a hypervisor being compromised and putting an entire Ceph pool or cluster at risk.
+
+I just posted a patch today on the qemu-devel mailing list, you can find it there : https://lists.gnu.org/archive/html/qemu-devel/2019-12/msg04344.html
+
+Thanks for adding the support. I was actually already play-testing your patch. I'll respond to the mailing list soon.
+
+Patch had been included here:
+https://gitlab.com/qemu-project/qemu/-/commit/19ae9ae01471552
+